The backdoor is hidden in Dell's security software and you can gain full control if you exploit it


ByToshiyuki IMAI

Dell security software that there is a dangerous vulnerability, Internet security companiesDigital DefenseA researcher found out.

DDI Discoveres Six NEW Vulnerabilities - Digital Defense Inc.
https://www.digitaldefense.com/ddi-six-discoveries/


Hidden 'backdoor' in Dell security software gives hackers full access | ZDNet
http://www.zdnet.com/article/hidden-backdoor-account-found-in-dell-network-security-software/


It is a researcher of Digital Defense, a security company based in Texas, who discovered that a serious vulnerability exists on Dell's security software. The companyService that scans for software vulnerabilitiesWe are deploying.

The Digital Defense researcher warns that Dell's security management software has six high-risk vulnerabilities and needs patch distribution as soon as possible. Among the "six vulnerabilities", the most dangerous is "SonicWALL Global Management System(GMS) "software has. Although GMS is for monitoring and managing networked security devices used in companies and others, the default account is hidden in this software, and the password is easy to imagine It is said that. If a malicious attacker exploits this default account, full control of the software and control of all terminals where software is installed will be possible.

ByPascal

According to researchers of Digital Defense, cases where the vulnerability of Dell's security software was exploited was not reported at the time of article creation.

Dell acknowledges that these vulnerabilities exist on the GMS software of the latest version (version 8.0 and 8.1) and distributes patches. Also, Dell officially announced the security advisory, "I strongly recommend" to use installable hot fix from support page.

SonicWALL GMS Product Notification

in Software,   Security, Posted by logu_ii